Log a warning if index is old

If the index is older than 2 weeks, logged a warning that the
index is old and user needs to update it by running
`suricata-update update-sources`.

diff --git a/suricata/update/main.py b/suricata/update/main.py
index 60881eed1fe3b03d63f286aaf2e2c43f6620a8d4..254b5e9987a17b57a31adc45b0af77837ae8743d 100644 (file)
--- a/suricata/update/main.py
+++ b/suricata/update/main.py
@@ -88,6 +88,8 @@ DEFAULT_SURICATA_VERSION = "4.0.0"
 # single file concatenating all input rule files together.
 DEFAULT_OUTPUT_RULE_FILENAME = "suricata.rules"
 
+INDEX_EXPIRATION_TIME = 60 * 60 * 24 * 14
+
 class AllRuleMatcher(object):
     """Matcher object to match all rules. """
 
@@ -977,6 +979,11 @@ def load_sources(suricata_version):
         if not os.path.exists(index_filename):
             logger.warning("No index exists, will use bundled index.")
             logger.warning("Please run suricata-update update-sources.")
+        if os.path.exists(index_filename) and time.time() - \
+                os.stat(index_filename).st_mtime > INDEX_EXPIRATION_TIME:
+            logger.warning(
+                "Source index is older than 2 weeks. "
+                "Please update with suricata-update update-sources.")
         index = sources.Index(index_filename)
 
         for (name, source) in enabled_sources.items():